General

  • Target

    control.exe

  • Size

    3.0MB

  • Sample

    230213-15fnnagf62

  • MD5

    ff7f647536d4ee57ec129151e5ff71b5

  • SHA1

    8eb63340b5047dabff508ce67a3eb95c22f02a37

  • SHA256

    845ade5537fadbb77368349cdc51b533a6ad02e819e4b74f21186fdaed1a7ea2

  • SHA512

    486df438a6f0d78260bc48572cc28054e8e7fb886e1567efe853053add52bb3f5a894e8e76a247cafdb2b8c165f3162ed3423a6d4cd1059c668a35cc786cc711

  • SSDEEP

    49152:TNX/kxUhAnhP/4G2imMLb6cEPiITRf+EGg7ddjzaII5oTk6k1oFW:Tt/cqAhPpJLucQjFTPw

Score
10/10

Malware Config

Extracted

Family

aurora

C2

159.69.108.164:8081

Targets


    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks